AIX 4.2/4.3 - netstat -Z Statistic Clearing

Author: alex medvedev
type: local
platform: aix
port: 
date_added: 2000-09-03 
date_updated: 2012-08-03 
verified: 1 
codes: CVE-2000-0873;OSVDB-1548 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/1660/info

A vulnerability exists in versions 4.x. x of AIX, from IBM. Any local user can utilize the -Z command to netstat, without needing to be root. This will cause interface statistics to be reset. This could potentially interfere with programs that track statistical information.

$ netstat -in --> shows stats
$ netstat -Zi --> clears them without checking the uid